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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- tf NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[3 Responsive to communication(s) filed on 12 October 2001 . 
2a)D This action is FINAL. 2b)l3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) M Claim(s) 1-32 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-7 and 11-31 is/are rejected. 

7) M Claim(s) 8-10 and 32 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) S The drawing(s) filed on 12 October 2001 is/are: a)D accepted or b)S objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) S Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)E3 All b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . Claims 1-32 have been examined. 

2. Foreign Priority benefit claimed under Title 35, United States Code, § 119 
have been acknowledged. 

Drawings 

3. Figures 1-3 should be designated by a legend such as -Prior Art- 
because only that which is old is illustrated (see page 1-5 of the specification). 
See MPEP § 608.02(g). 

Information Disclosure Statement PTO-1449 

4. The Information Disclosure Statement submitted by applicant on 
06/1 1/2005 & 03/15/2005 have been considered. Please see attached PTO- 
1449. 

Claim Rejections - 35 USC §112 

5. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter, which the applicant regards as his invention. 
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6. Claims 2 and 6 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

In claims 2 and 6, the "state information stored" phrases makes the claims 
indefinite and unclear in that neither method steps nor interrelationship of method 
steps are set forth in these claims in order to achieve the desired results 
expressed in the "state information stored" phrases. 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 

U.S.C. 102 that form the basis for the rejections under this section made in this 

Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent or 
(2) a patent granted on an application for patent by another filed in the United States before 
the invention by the applicant for patent, except that an international application filed under 
the treaty defined in section 351 (a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

8. Claims 1-6, 11-14 and 17-31 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Mikurak (6,606,744 B1). 

As per claim 1 Mikurak (6,606,744 B1) teach a method (400, 500, 600, 700) for 
synchronizing state information in a security gateway cluster, said security 
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gateway cluster comprising at least two nodes, said method comprising the step 
of: synchronizing (403) state information by sending state information from a first 
node of said at least two nodes, characterized in that it comprises the steps of: 
detecting (401) in said security gateway cluster a predetermined irregularly 
occurring action, and initiating (402) synchronization of state information as a 
response to said action, and in that in said step of synchronizing state 
information, state information is sent to at least a second node of said at least 
two nodes (see col.28, lines 59-67; col.29, lines 1-12 and 27-42 where above 
limitations are met and where the switch or the virtual circuit corresponds to 
applicant's gateway; information packet carries such as source node, destination 
node, security fields are corresponds to applicant's state information; and where 
CRC or the error detection corresponds to applicant's irregularities detection; and 
where reinstate the control information to the departing packet based on the error 
detection corresponds to applicant's synchronization of the packet and 
modification of the state information in the packet). Also see the entire reference 
for more detailed in different environment. 

As per claim 2 Mikurak (6,606,744 B1) teach a method according to claim 1 , 
characterized in that said predetermined action is modification of state 
information (602) stored in said first node (see col.29, lines 6-12). 

As per claim 3 Mikurak (6,606,744 B1) teach a method according to claim 2, 
characterized in that in the step of synchronizing state information only modified 
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part of the state information stored in said first node is sent (see col .29, lines 6- 
12). 

As per claim 4 Mikurak (6,606,744 B1) teach a method according to claim 3, 
characterized in that the modified part of the state information is sent from said 
first node to all other nodes of said security gateway cluster (see col .29, lines 6- 
12; col. 28, lines 36-46 where it disclose the packet may be sent as broadcast or 
multiple destinations). 

As per claim 5 Mikurak (6,606,744 B1) teach a method according to claim 4, 
characterized in that the modified part of the state information relates to a certain 
protocol, authentication information, virtual private network parameters or 
intrusion detection system (see col .29, lines 3-42). 

As per claim 6 Mikurak (6,606,744 B1) teach a method according to claim 1, 
characterized in that in the step of synchronizing state information all state 
information stored in said first node is sent (see col.29, lines 3-42). 

As per claim 11 Mikurak (6,606,744 B1) teach a method (700) according to 
claim 1 , characterized in that said predetermined action is said first node failing 
(701) to continue normal operation (see col.29-30). 
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As per claim 12 Mikurak (6,606,744 B1) teach a method according to claim 1 , 
characterized in that said predetermined action is said second node requesting 
(704) for state information (see col.29-30). 

As per claim 13 teach a method according to claim 1 , characterized in that said 
predetermined action is said first node initiating a transition to offline state. 

As per claim 14 Mikurak (6,606,744 B1 ) teach a method according to claim 1 , 
characterized in that said predetermined action is handling of data packets 
relating to a communication session in at least two nodes, one of them being said 
first node, and in that said synchronization of state information is performed 
between at least said at least two nodes as applied to claim 1 above). 

As per claim 17 Mikurak (6,606,744 B1) teach a method according to claim 1 , 
characterized in that it further comprises the step of: delaying sending of a 
plurality of data packets from said first node until said synchronization of state 
information is performed (see col .28-29). 

As per claim 18 Mikurak (6,606,744 B1) teach a computer program comprising 
program code for performing all the steps of claim 1 when said program is run on 
a computer (see abstract; col .28-30). 



As per claim 19 Mikurak (6,606,744 B1) teach a computer program product 
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comprising program code means stored on a computer readable medium for 
performing the method of claim 1 when said program product is run on a 
computer (see abstract; col .28-30). 

As per claim 20 Mikurak (6,606,744 B1 ) teach a first software entity (91 0) for a 
node (900) in a security gateway cluster, said first software entity comprising 
program code means (91 1) for processing data packets, program code means 
(912) for storing state information of said node, and program code means (914) 
for synchronizing said state information with at least a second first software entity 
in one other node of said security gateway cluster, characterized in that said first 
software entity further comprises program code means (915) for receiving from 
said second software entity instructions to initiate synchronizing said state 
information, and in that said program code means (914) for synchronizing said 
state information are arranged to initiate synchronization as a response to receipt 
of instructions to initiate synchronization (see col.28, lines 59-67; col .29, lines 1- 
12 and 27-42 where above limitations are met and where the switch or the virtual 
circuit corresponds to applicant's gateway; information packet carries such as 
source node, destination node, security fields are corresponds to applicant's 
state information; and where CRC or the error detection corresponds to 
applicant's irregularities detection; and where reinstate the control information to 
the departing packet based on the error detection corresponds to applicant's 
synchronization of the packet and modification of the state information in the 
packet). Also see the entire reference for more detailed in different environment. 
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As per claim 21 Mikurak (6,606,744 B1) teach a first software entity according to 
claim 20, characterized in that it further comprises program code means (916) for 
causing a data packet to be delayed until an initiated state information 
synchronization is complete (see col .28-29). 

As per claim 22 Mikurak (6,606,744 B1) teach a first software entity according to 
claim 21, characterized in that said program code means (916) for causing a data 
packet to be delayed are arranged to delay said data packet (see col .28-30). 

As per claim 23 Mikurak (6,606,744 B1) teach a first software entity according to 
claim 21, characterized in that said program code means (916) for causing a data 
packet to be delayed are arranged to inform the second software entity when an 
initiated state information synchronization is complete (see col.28-30). 

As per claim 24 Mikurak (6,606,744 B1) teach a first software entity according to 
claim 20, characterized in that it further comprises program code means (913) for 
receiving instructions to modify said state information from a second software 
entity residing in a same node as said first software entity (see col.28-30). 

As per claim 25 Mikurak (6,606,744 B1) teach a second software entity (920) for 
a node in a security gateway cluster, said second software entity comprising 
program code means (921 ) for monitoring data packets relating to certain 
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communication protocol connections, characterized in that it further comprises 
program code means (923) for delivering to a first software entity instructions to 
initiate synchronizing said state information (see col. 28, lines 59-67; col .29, lines 
1-12 and 27-42 where above limitations are met and where the switch or the 
virtual circuit corresponds to applicant's gateway; information packet carries such 
as source node, destination node, security fields are corresponds to applicant's 
state information; and where CRC or the error detection corresponds to 
applicant's irregularities detection; and where reinstate the control information to 
the departing packet based on the error detection corresponds to applicant's 
synchronization of the packet and modification of the state information in the 
packet). Also see the entire reference for more detailed in different environment. 

As per claim 26 Mikurak (6,606,744 B1) teach a second software entity 
according to claim 25, characterized in that it further comprises program code 
means (924) for causing a data packet to be delayed until an initiated state 
information synchronization is complete (see col. 28-29). 

As per claim 27 Mikurak (6,606,744 B1) teach a second software entity 
according to claim 26, characterized in that said program code means (924) for 
causing a data packet to be delayed are arranged to inform the first software 
entity to delay a data packet (see col .28-30). 

As per claim 28 Mikurak (6,606,744 B1) teach a second software entity 
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according to claim 26, characterized in that said program code means (924) for 
causing a data packet to be delayed are arranged to be informed by the first 
software entity, when an initiated state information synchronization is complete, 
and subsequently trigger delivery of said data packet to the first software entity 
(see col .28-30). 

As per claim 29 Mikurak (6,606,744 B1) teach a second software entity 
according to claim 25, characterized in that it further comprises program code 
means (922) for delivering to a first software entity instructions to modify state 
information comprising information about connections (see col .29, lines 3-42). 

As per claim 30 teach a node (900) of a security gateway cluster comprising 
means (931 ) for storing state information of said node, and means (932) for 
synchronizing said state information with at least one other node of said security 
gateway cluster, characterized in that it further comprises means (933) for 
detecting a predetermined irregularly occurring action, and means (934) for 
initiating synchronization of said state information as a response to said 
irregularly occurring action (see col .28, lines 59-67; col .29, lines 1-12 and 27-42 
where above limitations are met and where the switch or the virtual circuit 
corresponds to applicant's gateway; information packet carries such as source 
node, destination node, security fields are corresponds to applicant's state 
information; and where CRC or the error detection corresponds to applicant's 
irregularities detection; and where reinstate the control information to the 
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departing packet based on the error detection corresponds to applicant's 
synchronization of the packet and modification of the state information in the 
packet). Also see the entire reference for more detailed in different environment. 

As per claim 31 teach a security gateway cluster (950) having a plurality of 
nodes (900a, 900b), at least one node comprising means (931) for storing state 
information of said node, and means (932) for synchronizing said state 
information with at least one other node of said security gateway cluster, 
characterized in that said at least one node further comprises means (933) for 
detecting a predetermined irregularly occurring action, and means (934) for 
initiating synchronization of said state information as a response to said action 
(see col .28, lines 59-67; col.29, lines 1-12 and 27-42 where above limitations are 
met and where the switch or the virtual circuit corresponds to applicant's 
gateway; information packet carries such as source node, destination node, 
security fields are corresponds to applicant's state information; and where CRC 
or the error detection corresponds to applicant's irregularities detection; and 
where reinstate the control information to the departing packet based on the error 
detection corresponds to applicant's synchronization of the packet and 
modification of the state information in the packet). Also see the entire reference 
for more detailed in different environment. 
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Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) patent may not be obtained though the invention is not identically disclose or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

10. Claims 7, 15 and 16 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Mikurak (6,606,744 B1 ) in view of Applicant Prior Art 
Admittance (AAPA). 

As per claim 7 Mikurak (6,606,744 B1) teach a method (500) according to claim 
1 , characterized in that it further comprises the step of: synchronizing (501 , 403) 
state information from said first node to at least a second node as applied in 
claim 1 and 2 above based on the error detection on col. 28 and 29 but do not 
explicitly disclose the synchronization is periodically being performed. However 
page 5, lines 17-24 of the specification disclose periodic synchronization as Prior 
Art. Therefore it would have been obvious to one of ordinary skilled in the art to 
periodically synchronize the departing packets from one node to another in order 
to update the data structures entries (page 5, lines 21-24). 

As per claim 15 Mikurak (6,606,744 B1) teach a method (800) according to 
claim 1, characterized in that said predetermined action is a receipt (801) of a 
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data packet in said first node of said security gateway cluster as applied to claim 
1 above but do not explicitly disclose, said data packet relating to a command to 
open a new connection via said security gateway cluster. However page 5, lines 
17-24 of the specification disclose periodic synchronization as Prior Art where in 
order to that a new channel or connection is being set up. Therefore it would 
have been obvious to one of ordinary skilled in the art to periodically synchronize 
the departing packets from one node to another in order to update the data 
structures entries (page 5, lines 21-24). 

As per claim 16 Mikurak (6,606,744 B1) teach a method according to claim 15, 
characterized in that it further comprises the step of: delaying (803) sending of 
said data packet from said first node until said synchronization of state 
information is performed (see col .28-29). 

Allowable Subject Matter 

1 1 . Claims 8-10 and 32 are objected to as being dependent upon a rejected 
base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 

Conclusion 

12. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 
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Please see enclosed PTO-892. 

13. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Kambiz Zand whose telephone 
number is (571 ) 272-381 1 . The examiner can normally reached on 
Monday-Thursday (8:00-5:00). If attempts to reach the examiner by 
telephone are unsuccessful, the examiner's supervisor, Gilberto Barron 
can be reached on (571) 272-3799. The fax phone numbers for the 
organization where this application or proceeding is assigned as (571 ) 
273-8300. Information regarding the status of an application may be 
obtained from the Patent Application Information Retrieval (PAIR) system. 
Status information for published applications may be obtained from either 
Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information 
about the PAIR system, see http://pair-direct.uspto.gov. Should you have 
questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




Kambiz Zand 



08/19/2005 



